[Full-disclosure] Skype - URI Handler Command Switch Parsing

======================================================================== = Skype - URI Handler Command Switch Parsing = = Vendor Website: = http://www.skype.com = = Affected Version: = Skype for Windows: = All releases prior to and including 2.0..104 = Release 2.5..0 to and including 2.5..78 = =...

Skype information leak

It's possible to construct URL in the file file will be transferred from Skype user's computer to another skype user without any confirmation...

SKYPE-SB/2006-001: Improper handling of URI arguments

SKYPE-SB/2006-001: Improper handling of URI arguments Bulletin title: Improper handling of URI arguments Bulletin ID: SKYPE-SB/2006-001 Bulletin status: FINAL Date of announcement: 2006-05-19 08:00:00 +0000 Products affected: Skype for Windows Vulnerability type: Argument handling CVE references:...

Do All in Cmd Shell-vulnerability warning-the black bar safety net

Directory 1, Preface 2, The file transmission 3, The system configuration 4, the network configuration 5, software installation 6, Windows Script 7, The accompanying statement Foreword Cmd Shellcommand line interactionis a hack eternal topic, it is the historic and enduring it. This article is...

Design/Logic Flaw

ircpio.c in libopenobex for ircp 1.2, when ircp is run with the -r option, does not prompt the user when overwriting files, which allows user-assisted remote attackers to overwrite dangerous files via an arbitrary destination file name in an OBEX File Transfer session...

CVE-2006-2366

ircpio.c in libopenobex for ircp 1.2, when ircp is run with the -r option, does not prompt the user when overwriting files, which allows user-assisted remote attackers to overwrite dangerous files via an arbitrary destination file name in an OBEX File Transfer session...

CVE-2006-2366

ircpio.c in libopenobex for ircp 1.2, when ircp is run with the -r option, does not prompt the user when overwriting files, which allows user-assisted remote attackers to overwrite dangerous files via an arbitrary destination file name in an OBEX File Transfer session...

DEBIAN-CVE-2006-2366

ircpio.c in libopenobex for ircp 1.2, when ircp is run with the -r option, does not prompt the user when overwriting files, which allows user-assisted remote attackers to overwrite dangerous files via an arbitrary destination file name in an OBEX File Transfer session...

CVE-2006-2366

ircpio.c in libopenobex for ircp 1.2, when ircp is run with the -r option, does not prompt the user when overwriting files, which allows user-assisted remote attackers to overwrite dangerous files via an arbitrary destination file name in an OBEX File Transfer session...

CVE-2006-2366

CVE-2006-2366 affects libopenobex/ircp 1.2. The ircp -r mode does not prompt before overwriting files in OBEX File Transfer, allowing user-assisted remote attackers to overwrite arbitrary destination files. Concrete details in the NVD/NVD-derived entries confirm the vulnerability in ircp_io.c and...

CVE-2006-2366

ircpio.c in libopenobex for ircp 1.2, when ircp is run with the -r option, does not prompt the user when overwriting files, which allows user-assisted remote attackers to overwrite dangerous files via an arbitrary destination file name in an OBEX File Transfer session...

CVE-2006-2366

ircpio.c in libopenobex for ircp 1.2, when ircp is run with the -r option, does not prompt the user when overwriting files, which allows user-assisted remote attackers to overwrite dangerous files via an arbitrary destination file name in an OBEX File Transfer session...

Heap overflow

Heap-based buffer overflow in Winny 2.0 b7.1 and earlier allows remote attackers to execute arbitrary code via long strings to certain commands sent to the file transfer port...

CVE-2006-2007

Heap-based buffer overflow in Winny 2.0 b7.1 and earlier allows remote attackers to execute arbitrary code via long strings to certain commands sent to the file transfer port...

CVE-2006-2007

CVE-2006-2007 describes a heap-based buffer overflow in Winny 2.0 b7.1 and earlier. The vulnerability occurs when processing certain commands sent to the file transfer port, using unvalidated input (long strings) that can lead to remote code execution. Affected product: Winny (2.0 b7.1 and earlie...

How To Protect Against Instant Messaging Vulnerabilities: Blocking Google Talk

Google Talk is an application used to call or send instant messages for Microsoft Windows operating systems. Instant messaging applications may risk an organization's security in the following ways:1. Vulnerabilities in IM applications could be exploited to compromise a user's system i.e MSN...

CVE-2006-1366

Buffer overflow in the Motorola PEBL U6 08.83.76R, and possibly other Motorola P2K-based phones, allows remote attackers to cause a denial of service device shutdown, and possibly execute arbitrary code, via a long OBEX setpath to the OBEX File Transfer aka FTP service on Bluetooth channel 9...

[Full-disclosure] DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack'

DMA2006-0321a - 'Motorola P2K Platform setpath overflow and Blueline attack' Author: Kevin Finisterre Vendor: http://www.motorola.com Product: 'Motorola PEBL U6, Motorola V600, other Motorola P2k based phones?' References: http://www.digitalmunition.com/DMA2006-0321a.txt...

TFTP Packet Buffer Overflow

libcurl uses the given file part of a TFTP URL in a manner that allows a malicious user to overflow a heap-based memory buffer due to the lack of boundary check. This overflow happens if you pass in a URL with a TFTP protocol prefix "tftp://", using a valid host and a path part that is longer tha...

freeFTPd 1.0 Username Overflow

This module exploits a stack buffer overflow in the freeFTPd multi-protocol file transfer service. This flaw can only be exploited when logging has been enabled non-default. This module requires Metasploit: https://metasploit.com/download Current source:...